From 7470d3f502c285b8cec5f94fc5bb3c5b314ff4d7 Mon Sep 17 00:00:00 2001 From: Kaloyan Danchev Date: Sat, 31 Jan 2026 22:22:10 +0200 Subject: [PATCH] Update documentation with correct VLAN IPs Hardware Inventory: - Unraid server: 192.168.10.20 - Unraid AdGuard (macvlan): 192.168.10.10 - Router: 192.168.10.1 - CSS326 switch: 192.168.10.9 - ZX switch: 192.168.10.7 - cAP XL: 192.168.10.6 Critical Services: - Updated DNS section with correct container IPs - Added failover details and Web UI URLs - Updated routing to reflect VLAN structure - Updated DHCP pools for all VLANs Co-Authored-By: Claude Opus 4.5 --- docs/02-SERVICES-CRITICAL.md | 43 +++++++++++++++++++---------------- docs/04-HARDWARE-INVENTORY.md | 17 +++++++------- 2 files changed, 32 insertions(+), 28 deletions(-) diff --git a/docs/02-SERVICES-CRITICAL.md b/docs/02-SERVICES-CRITICAL.md index 230ec07..d14f71d 100644 --- a/docs/02-SERVICES-CRITICAL.md +++ b/docs/02-SERVICES-CRITICAL.md @@ -1,6 +1,6 @@ # Critical Services -**Last Updated:** 2026-01-25 +**Last Updated:** 2026-01-31 Services that must remain operational for network functionality and security. @@ -21,21 +21,23 @@ Services that must remain operational for network functionality and security. | Instance | Host | IP | Role | |----------|------|-----|------| -| Primary | HAP1 | 172.17.0.5 | Main DNS, DoH/DoT/DoQ | -| Secondary | XTRM-U | 192.168.31.4 | Failover DNS | +| Primary | HAP1 (container) | 172.17.0.2 | Main DNS | +| Secondary | XTRM-U (macvlan) | 192.168.10.10 | Failover DNS | -**Endpoints:** -- DoH: `https://dns.xtrm-lab.org/dns-query` -- DoT: `tls://dns.xtrm-lab.org:853` -- DoQ: `quic://dns.xtrm-lab.org:8853` +**Failover:** Automatic via Netwatch (ping + DNS resolution checks) -**Config Sync:** adguardhome-sync (every 30 min) +**Config Sync:** adguardhome-sync (every 30 min, Unraid → MikroTik) -**Upstream:** Quad9 DoH (`https://dns10.quad9.net/dns-query`) +**Upstream:** Quad9 DoH (`https://dns.quad9.net/dns-query`) + +**Web UI:** +- Primary: http://192.168.10.1:3000 +- Secondary: http://192.168.10.10:3000 +- Credentials: jazzymc / 7RqWElENNbZnPW **Recovery:** -1. If primary fails → clients use secondary (192.168.31.4) -2. Restart container on HAP1: `/container/start adguardhome` +1. If primary fails → automatic failover to secondary (192.168.10.10) +2. Manual restart: `/container start [find name~"adguard"]` --- @@ -44,25 +46,28 @@ Services that must remain operational for network functionality and security. | Function | Details | |----------|---------| | WAN | 62.73.120.142 via Vivacom fiber | -| LAN | 192.168.31.0/24 | -| NAT | Port forwarding to XTRM-U | +| VLANs | 10 (Mgmt), 20 (Trusted), 25 (Kids), 30 (IoT), 40 (CatchAll) | +| NAT | Port forwarding to XTRM-U (192.168.10.20) | | Firewall | RouterOS firewall rules | **Recovery:** 1. Physical access to HAP1 2. Reset: hold reset button 5s -3. Reconfigure via WinBox or SSH +3. Reconfigure via WinBox or SSH (port 2222) --- ### DHCP (HAP1) -| Pool | Range | -|------|-------| -| Dynamic | 192.168.31.100-200 | -| Lease Time | 24 hours | +| VLAN | Pool | Range | +|------|------|-------| +| 10 (Mgmt) | pool-vlan10 | 192.168.10.100-200 | +| 20 (Trusted) | pool-vlan20 | 192.168.20.100-200 | +| 25 (Kids) | pool-vlan25 | 192.168.25.100-200 | +| 30 (IoT) | pool-vlan30 | 192.168.30.100-200 | +| 40 (CatchAll) | dhcp | 192.168.1.10-254 | -**Static Leases:** Managed in RouterOS DHCP server +**Lease Time:** 30 minutes --- diff --git a/docs/04-HARDWARE-INVENTORY.md b/docs/04-HARDWARE-INVENTORY.md index 083e774..257baaf 100644 --- a/docs/04-HARDWARE-INVENTORY.md +++ b/docs/04-HARDWARE-INVENTORY.md @@ -1,6 +1,6 @@ # Hardware Inventory -**Last Updated:** 2026-01-27 +**Last Updated:** 2026-01-31 --- @@ -12,7 +12,7 @@ |----------|-------| | **Role** | Router, WiFi Controller, DNS | | **Location** | 19" Rack U3 (on shelf) | -| **IP** | 192.168.31.1 | +| **IP** | 192.168.10.1 | | **MAC** | 78:9A:18:2C:A5:48 | | **OS** | RouterOS 7.20.6 | | **Serial** | - | @@ -36,12 +36,12 @@ |----------|-------| | **Role** | Distribution Switch | | **Location** | 19" Rack U1 | -| **IP** | 192.168.31.9 | +| **IP** | 192.168.10.9 | | **MAC** | F4:1E:57:C9:BD:09 | | **OS** | SwOS 2.16 | | **Serial** | - | | **Docs** | https://help.mikrotik.com/docs/spaces/UM/pages/17498168/CSS326-24G-2S+RM | -| **Web UI** | http://192.168.31.9 | +| **Web UI** | http://192.168.10.9 | **Ports:** 24x 1G RJ45, 2x 10G SFP+ - SFP1: 10G DAC to ZX1 @@ -55,7 +55,7 @@ |----------|-------| | **Role** | Core Switch (2.5GbE) | | **Location** | 10" Rack U7 (on shelf) | -| **IP** | 192.168.31.7 | +| **IP** | 192.168.10.7 | | **MAC** | 1C:2A:A3:1E:78:67 | | **Serial** | - | @@ -75,7 +75,7 @@ |----------|-------| | **Role** | Wireless Access Point | | **Location** | Corridor (ceiling) | -| **IP** | 192.168.31.6 | +| **IP** | 192.168.10.6 | | **MAC** | 18:FD:74:54:3D:BC | | **OS** | RouterOS 7.x | | **Serial** | HCT085KBH8B | @@ -103,7 +103,7 @@ |----------|-------| | **Role** | Production Server | | **Location** | 10" Rack U1-U4 | -| **IP** | 192.168.31.2 | +| **IP** | 192.168.10.20 | | **OS** | Unraid 6.x | **Network:** @@ -122,8 +122,7 @@ **Virtual IPs:** | IP | Purpose | |----|---------| -| 192.168.31.4 | AdGuard Home (macvlan) | -| 192.168.31.15 | (reserved) | +| 192.168.10.10 | AdGuard Home (macvlan) - DNS Failover | ---